Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/04/10 1:22 a.m.3 views

CVE-2026-31040

A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...

9.8CVSS5.9AI score0.00557EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/08 6:34 p.m.9 views

stata-mcp has insufficient validation of user-supplied Stata do-file content that can lead to command execution

A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...

9.8CVSS5.9AI score0.00557EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/04/08 4:16 p.m.4 views

CVE-2026-31040

A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...

9.8CVSS0.00557EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/08 12:0 a.m.5 views

CVE-2026-31040

A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...

5.9AI score0.00557EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-31323

Name of the Vulnerable Software and Affected Versions stata-mcp versions prior to 1.13.0 Description Insufficient validation of user-supplied Stata do-file content in stata-mcp can lead to command execution. Recommendations Update stata-mcp to version 1.13.0 or later...

9.8CVSS5.8AI score0.00557EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.6 views

SepineTam Stata-MCP 安全漏洞

SepineTam Stata-MCP is an extended statistical analysis tool from the SepineTam company. Versions of SepineTam Stata-MCP prior to v1.13.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient validation of the Stata do-file content provided to users, which could lead...

9.8CVSS5.8AI score0.00557EPSS
Exploits0References5
CVE
CVE
added 2026/04/08 12:0 a.m.27 views

CVE-2026-31040

CVE-2026-31040 affects stata-mcp prior to v1.13.0, where insufficient validation of user-supplied Stata do-file content can lead to command execution. The vulnerability is documented across multiple sources (Red Hat, OSV, ENISA, CVE databases) with a fix in v1.13.0 and later. Affected component: ...

9.8CVSS5.9AI score0.00557EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/08 12:0 a.m.18 views

CVE-2026-31040

A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...

0.00557EPSS
Exploits0References4
Snyk
Snyk
added 2025/12/02 6:45 a.m.4 views

Command Injection

Overview stata-mcp is a Let LLM help you achieve your regression analysis with Stata Affected versions of this package are vulnerable to Command Injection via the statado tool’s handling of Stata do-files. The server executes user-provided or LLM-generated do-files with subprocess.Popen...,...

9.8CVSS8.5AI score
Exploits0References3
Rows per page
Query Builder